ClientCertAuth Rule
Identified by type="ClientCertAuth"
, this rule enables TLS/SSL client certificate authentication for back-channel SOAP communication to the SP.
Attributes
Name | Type | Default | Description |
---|---|---|---|
errorFatal | boolean | false | If true, failure to validate a supplied certificate is fatal during message processing. This is distinct from cases where a certificate isn't present. |
Example
<PolicyRule type="ClientCertAuth" errorFatal="true"/>